diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2015-06-10 15:03:44 +0200 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-06-11 13:39:09 +0200 |
| commit | 5089dde2cdbe22cabdbf74f325711ea5dcc22490 (patch) | |
| tree | d62f53c826f530690ab740f2c7d6abf34c6869b3 | |
| parent | 6a92b32bf2dfe49e3f219beb6042e9fa71e18dcc (diff) | |
| download | freeipa-5089dde2cdbe22cabdbf74f325711ea5dcc22490.tar.gz freeipa-5089dde2cdbe22cabdbf74f325711ea5dcc22490.tar.xz freeipa-5089dde2cdbe22cabdbf74f325711ea5dcc22490.zip | |
disallow mod of topology segment nodes
Mod of segment end will be disallowed in topology plugin.
Reasoning (by Ludwig): if we want to properly allow mods to change
connectivity and endpoints, then we would need to check if the mod
disconnects the topology, delete existing agreements, check if the new
would be a duplicate and create new agmts. There could be some difficult
scenarios, like having
A <--> B <--> C <--> D,
if you modify the segment B-C to A-D topology breaks and is then
reconnected.
part of: https://fedorahosted.org/freeipa/ticket/4302
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
| -rw-r--r-- | API.txt | 4 | ||||
| -rw-r--r-- | VERSION | 5 | ||||
| -rw-r--r-- | ipalib/plugins/topology.py | 2 |
3 files changed, 5 insertions, 6 deletions
@@ -4804,15 +4804,13 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: Output('truncated', <type 'bool'>, None) command: topologysegment_mod -args: 2,15,3 +args: 2,13,3 arg: Str('topologysuffixcn', cli_name='topologysuffix', multivalue=False, primary_key=True, query=True, required=True) arg: Str('cn', attribute=True, cli_name='name', maxlength=255, multivalue=False, primary_key=True, query=True, required=True) option: Str('addattr*', cli_name='addattr', exclude='webui') option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Str('delattr*', cli_name='delattr', exclude='webui') option: StrEnum('iparepltoposegmentdirection', attribute=True, autofill=False, cli_name='direction', default=u'both', multivalue=False, required=False, values=(u'both', u'left-right', u'right-left', u'none')) -option: Str('iparepltoposegmentleftnode', attribute=True, autofill=False, cli_name='leftnode', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9.][a-zA-Z0-9.-]{0,252}[a-zA-Z0-9.$-]?$', required=False) -option: Str('iparepltoposegmentrightnode', attribute=True, autofill=False, cli_name='rightnode', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9.][a-zA-Z0-9.-]{0,252}[a-zA-Z0-9.$-]?$', required=False) option: StrEnum('nsds5replicaenabled', attribute=True, autofill=False, cli_name='enabled', multivalue=False, required=False, values=(u'on', u'off')) option: Str('nsds5replicastripattrs', attribute=True, autofill=False, cli_name='stripattrs', multivalue=False, required=False) option: Str('nsds5replicatedattributelist', attribute=True, autofill=False, cli_name='replattrs', multivalue=False, required=False) @@ -90,6 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=129 -# Last change: pvoborni - rename topologysegment_refresh to -# topologysegment_reinitialize +IPA_API_VERSION_MINOR=130 +# Last change: pvoborni - disallow mod of topologysegment nodes diff --git a/ipalib/plugins/topology.py b/ipalib/plugins/topology.py index d055602a8..9574b78f6 100644 --- a/ipalib/plugins/topology.py +++ b/ipalib/plugins/topology.py @@ -81,6 +81,7 @@ class topologysegment(LDAPObject): label=_('Left node'), normalizer=lambda value: value.lower(), doc=_('Left replication node - an IPA server'), + flags={'no_update'}, ), Str( 'iparepltoposegmentrightnode', @@ -91,6 +92,7 @@ class topologysegment(LDAPObject): label=_('Right node'), normalizer=lambda value: value.lower(), doc=_('Right replication node - an IPA server'), + flags={'no_update'}, ), StrEnum( 'iparepltoposegmentdirection', |